diff --git a/CHANGELOG.md b/CHANGELOG.md
index 41af8c2..0950072 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/).
### Unreleased
+### [1.2.0] - 2024-04-13
+
+- dnswl: sending OK on helo & mail hooks disabled by default
+- check_zones: check all zones concurrently (test speedup)
+
### [1.1.0] - 2024-04-10
- feat: imported backscatterer from haraka/Haraka
@@ -29,3 +34,4 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/).
[1.0.2]: https://github.com/haraka/haraka-plugin-dns-list/releases/tag/v1.0.2
[1.0.3]: https://github.com/haraka/haraka-plugin-dns-list/releases/tag/v1.0.3
[1.1.0]: https://github.com/haraka/haraka-plugin-dns-list/releases/tag/v1.1.0
+[1.2.0]: https://github.com/haraka/haraka-plugin-dns-list/releases/tag/v1.2.0
diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md
index c4c2d49..73e1dd8 100644
--- a/CONTRIBUTORS.md
+++ b/CONTRIBUTORS.md
@@ -2,7 +2,7 @@
This handcrafted artisinal software is brought to you by:
-| 
msimerson (6) | 
lnedry (1) |
+|
msimerson (7) |
lnedry (1) |
| :----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------: | :-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------: |
this file is maintained by [.release](https://github.com/msimerson/.release)
diff --git a/README.md b/README.md
index 305aaa8..b5b03bb 100644
--- a/README.md
+++ b/README.md
@@ -102,6 +102,15 @@ The exact name of the DNS zone (as specified above in main.zones) may contain se
- reject=true (default: true) Reject connections from IPs on block lists. Setting this to false makes dnsbl informational. reject=false is best used in conjunction with plugins like [karma](https://github.com/haraka/haraka-plugin-karma) that employ a scoring engine to make choices about message delivery.
- ipv6=true | false
+#### dnswl
+
+```ini
+ok_helo=false
+ok_mail=false
+```
+
+if DNSBL returns OK on the mail hook, it prevents any subsequent mail hooks in other plugins from running. This might include [SPF](haraka-plugin-spf), [known senders](https://github.com/haraka/haraka-plugin-known-senders), [karma](https://github.com/haraka/haraka-plugin-karma), recipient plugins, and any other plugins that want to do transaction initialization on `hook_mail`. It can be dangerous.
+
[ci-img]: https://github.com/haraka/haraka-plugin-dns-list/actions/workflows/ci.yml/badge.svg
[ci-url]: https://github.com/haraka/haraka-plugin-dns-list/actions/workflows/ci.yml
[clim-img]: https://codeclimate.com/github/haraka/haraka-plugin-dns-list/badges/gpa.svg
diff --git a/config/dns-list.ini b/config/dns-list.ini
index c21e0e3..e1b5c2e 100644
--- a/config/dns-list.ini
+++ b/config/dns-list.ini
@@ -94,6 +94,9 @@ loopback_is_rejected=true
[list.dnswl.org]
; https://www.dnswl.org/?page_id=15
type=allow
+; see docs
+ok_helo=false
+ok_mail=false
; 127.0.{2-20}.{0-3}
diff --git a/index.js b/index.js
index 6f0495a..e753d0c 100644
--- a/index.js
+++ b/index.js
@@ -16,11 +16,18 @@ exports.register = function () {
this.register_hook('connect', 'onConnect')
- // IMPORTANT: don't run this on hook_rcpt otherwise we're an open relay...
- for (const hook of ['ehlo', 'helo', 'mail']) {
- this.register_hook(hook, 'check_dnswl')
+ if (this.cfg['ips.backscatterer.org'].enable) {
+ this.register_hook('mail', 'check_backscatterer')
+ }
+
+ // IMPORTANT: don't run this on hook_rcpt else we're an open relay...
+ if (this.cfg['list.dnswl.org'].ok_helo) {
+ this.register_hook('helo', 'check_dnswl')
+ this.register_hook('ehlo', 'check_dnswl')
+ }
+ if (this.cfg['list.dnswl.org'].ok_mail) {
+ this.register_hook('mail', 'check_dnswl')
}
- this.register_hook('mail', 'check_backscatterer')
}
exports.load_config = function () {
@@ -33,6 +40,8 @@ exports.load_config = function () {
'*.ipv6',
'*.loopback_is_rejected',
'-ips.backscatterer.org.enable',
+ '-list.dnswl.org.ok_helo',
+ '-list.dnswl.org.ok_mail',
],
},
() => {
@@ -375,12 +384,15 @@ exports.check_zone = async function (zone) {
exports.check_zones = async function (interval) {
if (interval) interval = parseInt(interval)
+ const promises = []
for (const zone of this.cfg.main.zones) {
- try {
- await this.check_zone(zone)
- } catch (err) {
- console.error(`zone ${zone} err: ${err}`)
- }
+ promises.push(this.check_zone(zone))
+ }
+
+ try {
+ await Promise.all(promises)
+ } catch (err) {
+ console.error(err)
}
// Set a timer to re-test
diff --git a/package.json b/package.json
index cca2e1c..fb075f4 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
{
"name": "haraka-plugin-dns-list",
- "version": "1.1.0",
+ "version": "1.2.0",
"description": "Haraka plugin for DNS lists (DNSBL, DNSWL)",
"main": "index.js",
"files": [
diff --git a/test/dns-list.js b/test/dns-list.js
index 438e7c3..e2b9162 100644
--- a/test/dns-list.js
+++ b/test/dns-list.js
@@ -40,26 +40,31 @@ describe('dns-list', function () {
describe('lookup', function () {
it('Spamcop, test IPv4', async function () {
+ this.timeout=4000
const a = await this.plugin.lookup('127.0.0.2', 'bl.spamcop.net')
assert.deepStrictEqual(['127.0.0.2'], a)
})
it('Spamcop, unlisted IPv6', async function () {
+ this.timeout=4000
const r = await this.plugin.lookup('::1', 'bl.spamcop.net')
assert.deepStrictEqual(undefined, r)
})
it('b.barracudacentral.org, unlisted IPv6', async function () {
+ this.timeout=4000
const r = await this.plugin.lookup('::1', 'b.barracudacentral.org')
assert.deepStrictEqual(undefined, r)
})
it('Spamcop, unlisted IPv4', async function () {
+ this.timeout=4000
const a = await this.plugin.lookup('127.0.0.1', 'bl.spamcop.net')
assert.deepStrictEqual(undefined, a)
})
it('CBL', async function () {
+ this.timeout=4000
const a = await this.plugin.lookup('127.0.0.2', 'xbl.spamhaus.org')
assert.deepStrictEqual(a, ['127.0.0.4'])
})